When AI Doesn’t Travel: The Hidden Risks in Cross-Border M&A

What’s changing is the role AI now plays in how these businesses actually operate.

More often, the value of a deal is tied to an AI-enabled playbook: automation, decisioning, customer experience, cost structure. It’s not just upside; it’s often the business case.

But that playbook doesn’t automatically translate across markets: Only 12% of companies feel completely prepared to navigate the global patchwork of data privacy laws. That gap becomes even more pronounced when AI is involved—where regulatory expectations are still evolving and often inconsistent across markets.

In one country, a model can run as designed. In another, data restrictions limit what is allowed to be remembered. Somewhere else, vendor constraints or local regulations make it unusable altogether. And even where it’s technically allowed, the workforce may not be ready to operate it.

The result is a growing gap between what buyers model in diligence and what they can actually execute post-close.

That’s the shift: AI is no longer just part of the diligence process. It’s determining whether the deal works at all.

How and why AI regulation is reshaping cross-border M&A decisions

AI regulation is fragmented, fast-moving, and increasingly local. It shapes what models can do, where data can flow, and which vendors are viable. Most teams are tracking those changes. Fewer are translating them into decisions.

The companies pulling ahead are using regulation as a strategic filter—not just a compliance requirement. They are:

• Steering toward markets where their AI approach will scale
• Pressure-testing whether a target’s capabilities will hold up across jurisdictions
• Building real regulatory scenarios into deal assumptions

Everyone else risks discovering—too late—that their AI strategy doesn’t travel.

What we’re seeing in our M&A work with clients is that as AI becomes central to value creation in M&A deals, a new question is emerging in diligence: Can this business actually be operated and scaled with our AI approach across our geographic footprint?

We’re seeing leading buyers answer that through what we call “agent-readiness”—the ability to deploy, maintain, and govern AI in real-world conditions.

In practice, “agent-readiness” viability comes down to three things:

1. Technical portability: Can models be rehosted, retrained, and integrated into a new environment?
2. Regulatory viability: Can they legally operate across the markets that matter?
3. Workforce readiness: Can teams actually run and govern them over time?

When these three elements are in place, execution risk drops and value becomes more attainable. When they’re not, the impact shows up quickly—in pricing, deal structure, and integration complexity.

There’s also a common misread: Less-regulated markets appear easier. In practice, they often introduce higher downstream risk—around cybersecurity, IP, and vendor dependency.

The buyers who navigate this well validate technical feasibility early in diligence, especially for cross-border inference and hosting, build workforce ramp into integration planning, and tie uncertainty directly to deal terms, including structure, pricing, and escrow.

How AI commercial model structures (open vs. closed) impact M&A outcomes

One of the most underestimated factors in cross-border deals is how AI models are accessed, licensed and controlled. Whether a target relies on open, open-derived, or closed systems throughout its technology stack has direct implications for how easily it can be integrated, adapted, and scaled.

These aren’t just technical details. They are commercial constraints, drivers of value—and, increasingly, deal viability:

• Closed models can offer speed and performance advantages, but often come with restrictive licensing, limited transferability, and higher vendor dependency—making it harder to migrate, renegotiate, or scale across markets. They can also provide indemnification against copyright or IP infringement, which reduces certain legal risks but further reinforces reliance on the vendor.
• Open or open-derived models tend to be more portable and flexible, but can introduce questions around support, liability, and performance consistency—including less clarity around IP exposure and ownership depending on how they are deployed.

Where this becomes real is in diligence. Buyers need to understand:

• What rights they actually have to use, modify, or transfer the model and its outputs
• How licensing terms or export restrictions could limit deployment across markets
• How dependent the business is on specific vendors or APIs to operate core capabilities
• Whether the model—and its surrounding workflows—can be maintained or replaced without significant reengineering

These factors don’t just influence integration—they directly impact cost, flexibility, and long-term control of the target.

How to structure M&A deals around AI and regulatory risk

The most sophisticated buyers aren’t just identifying these risks—they’re structuring around them.

That means making model portability explicit, securing access to critical assets, and requiring visibility into how deployable the solution is across markets. It also means validating workforce readiness before close, rather than assuming it can be solved later.

The difference is discipline: If something materially affects value creation, it shows up in the deal terms—not just in the diligence report. Price it, protect against it, or require it to be fixed.

Buyers need a playbook that treats AI regulation and model design as core underwriting inputs:

• Pre-LOI: rapid regulatory scan and agent-readiness screen
• LOI: conditions tied to model access and regulatory fit
• Diligence: deep dive on model provenance and workforce readiness
• Integration: explicit migration and adoption plan

Most importantly, this needs to be quantified. Not as a generic risk buffer, but in real terms—time, cost, and impact on value creation.

Conclusion: Why AI regulation and M&A strategy go hand-in-hand

AI regulation, model architecture, and workforce readiness are now determining whether value is actually achievable post-close. That means it is more tied to M&A strategy than you might be comfortable with already.

The buyers who get this right aren’t reacting to AI policy and regulation as a constraint. They’re using the available information to shape better deals—targeting AI-ready markets, assessing agent-readiness early, making portability explicit, and quantifying what it will take to execute. Others who deemphasize AI policy and regs during the buying process will run into hurdles during integration and significant value creation limitations.

Authors: Alex Torgerson & Bret Greenstein